Merge pull request #44569 from thaJeztah/20.10_backport_relax_checkSupportedMediaType

[20.10 backport] distribution: checkSupportedMediaType: allow additional media-types
2022-12-07 13:29:51 +01:00 · 2022-12-07 13:29:51 +01:00 · 50d4d98737
commit 50d4d98737
parent 17451d2fdc 966327c1e5
2 changed files with 20 additions and 6 deletions
--- a/distribution/pull_v2.go
+++ b/distribution/pull_v2.go
@ -620,14 +620,12 @@ func (p *v2Puller) pullSchema1(ctx context.Context, ref reference.Reference, unv
 }

 func checkSupportedMediaType(mediaType string) error {
-	supportedMediaTypes := []string{
-		"application/vnd.oci.image.",
-		"application/vnd.docker.",
-	}
-
 	lowerMt := strings.ToLower(mediaType)
 	for _, mt := range supportedMediaTypes {
-		if strings.HasPrefix(lowerMt, mt) {
+		// The should either be an exact match, or have a valid prefix
+		// we append a "." when matching prefixes to exclude "false positives";
+		// for example, we don't want to match "application/vnd.oci.images_are_fun_yolo".
+		if lowerMt == mt || strings.HasPrefix(lowerMt, mt+".") {
 			return nil
 		}
 	}
--- a/distribution/registry.go
+++ b/distribution/registry.go
@ -19,6 +19,22 @@ import (
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 )

+// supportedMediaTypes represents acceptable media-type(-prefixes)
+// we use this list to prevent obscure errors when trying to pull
+// OCI artifacts.
+var supportedMediaTypes = []string{
+	// valid prefixes
+	"application/vnd.oci.image",
+	"application/vnd.docker",
+
+	// these types may occur on old images, and are copied from
+	// ImageTypes below.
+	"application/octet-stream",
+	"application/json",
+	"text/html",
+	"",
+}
+
 // ImageTypes represents the schema2 config types for images
 var ImageTypes = []string{
 	schema2.MediaTypeImageConfig,